Abort on errors when we should
We're not strictly required to abort, but we are at least required to leave
the context in an invalid state. For "late" functions like input() and output(),
calling abort() is the easiest way to do that. Do it systematically for
input() and output() by using a wrapper. psa_pake_get_implicit_key() was
already doing it. For "early" function, we can just leave the operation
in its current state which is already invalid.
Restore previous tests about that. Not adding systematic tests, though,
just test the two functions that are the most important, and more likely
to return errors.
Since we now abort in more cases, we need to make sure we don't
invalidate the operation that's going to be re-used later in the test.
For that reason, use a copy of the operation for calls to input() and
output() that are expected to return errors.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c
index 262d44d..541e6c4 100644
--- a/library/psa_crypto_pake.c
+++ b/library/psa_crypto_pake.c
@@ -385,7 +385,8 @@
}
#endif
-psa_status_t psa_pake_output( psa_pake_operation_t *operation,
+static psa_status_t psa_pake_output_internal(
+ psa_pake_operation_t *operation,
psa_pake_step_t step,
uint8_t *output,
size_t output_size,
@@ -427,10 +428,7 @@
if( operation->state == PSA_PAKE_STATE_SETUP ) {
status = psa_pake_ecjpake_setup( operation );
if( status != PSA_SUCCESS )
- {
- psa_pake_abort( operation );
return( status );
- }
}
if( operation->state != PSA_PAKE_STATE_READY &&
@@ -496,10 +494,7 @@
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE );
if( ret != 0 )
- {
- psa_pake_abort( operation );
return( mbedtls_ecjpake_to_psa_error( ret ) );
- }
operation->buffer_offset = 0;
}
@@ -513,10 +508,7 @@
mbedtls_psa_get_random,
MBEDTLS_PSA_RANDOM_STATE );
if( ret != 0 )
- {
- psa_pake_abort( operation );
return( mbedtls_ecjpake_to_psa_error( ret ) );
- }
operation->buffer_offset = 0;
}
@@ -548,10 +540,7 @@
return( PSA_ERROR_DATA_CORRUPT );
if( output_size < length )
- {
- psa_pake_abort( operation );
return( PSA_ERROR_BUFFER_TOO_SMALL );
- }
memcpy( output,
operation->buffer + operation->buffer_offset,
@@ -584,7 +573,23 @@
return( PSA_ERROR_NOT_SUPPORTED );
}
-psa_status_t psa_pake_input( psa_pake_operation_t *operation,
+psa_status_t psa_pake_output( psa_pake_operation_t *operation,
+ psa_pake_step_t step,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
+{
+ psa_status_t status = psa_pake_output_internal(
+ operation, step, output, output_size, output_length );
+
+ if( status != PSA_SUCCESS )
+ psa_pake_abort( operation );
+
+ return( status );
+}
+
+static psa_status_t psa_pake_input_internal(
+ psa_pake_operation_t *operation,
psa_pake_step_t step,
const uint8_t *input,
size_t input_length )
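Review bot: The new `psa_pake_output()` wrapper discards the return value of `psa_pake_abort()` in its `if( status != PSA_SUCCESS )` branch, so a failure of the cleanup itself is silently folded into the original error status; the `psa_pake_input()` wrapper in the last hunk does the same. Returning the original status is the right choice, but the discard should read as deliberate, `(void) psa_pake_abort( operation );`, and the contract should be stated on the new internal functions, since nothing now tells a reader that their bare `return( status )` paths leave the operation in a partially updated state on purpose. I would put `/* On failure the operation is left as is; the public psa_pake_output() wrapper aborts it. */` above `static psa_status_t psa_pake_output_internal(` and the matching comment above `psa_pake_input_internal`. The state check at `if( operation->state != PSA_PAKE_STATE_READY &&` presumably returns an error for a mis-sequenced call, and such a call now also aborts the operation where it previously did not, which is worth one line in the wrapper's comment. psa_pake_input_internal's body continues outside the hunk.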
@@ -631,10 +636,7 @@
{
status = psa_pake_ecjpake_setup( operation );
if( status != PSA_SUCCESS )
- {
- psa_pake_abort( operation );
return( status );
- }
}
if( operation->state != PSA_PAKE_STATE_READY &&
@@ -734,10 +736,7 @@
operation->buffer_length = 0;
if( ret != 0 )
- {
- psa_pake_abort( operation );
return( mbedtls_ecjpake_to_psa_error( ret ) );
- }
}
else if( operation->state == PSA_PAKE_INPUT_X4S &&
operation->sequence == PSA_PAKE_X1_STEP_ZK_PROOF )
@@ -750,10 +749,7 @@
operation->buffer_length = 0;
if( ret != 0 )
- {
- psa_pake_abort( operation );
return( mbedtls_ecjpake_to_psa_error( ret ) );
- }
}
if( ( operation->state == PSA_PAKE_INPUT_X1_X2 &&
@@ -775,6 +771,20 @@
return( PSA_ERROR_NOT_SUPPORTED );
}
+psa_status_t psa_pake_input( psa_pake_operation_t *operation,
+ psa_pake_step_t step,
+ const uint8_t *input,
+ size_t input_length )
+{
+ psa_status_t status = psa_pake_input_internal(
+ operation, step, input, input_length );
+
+ if( status != PSA_SUCCESS )
+ psa_pake_abort( operation );
+
+ return( status );
+}
+
psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation,
psa_key_derivation_operation_t *output)
{